> TritonInfoSec News
Home / Jun 21, 2026 / Story
0
#6 SecurityWeek general June 19, 2026 at 09:19 UTC

Cybersecurity Firms Impacted by Klue Supply Chain Attack

By Ionut Arghire

AI Summary

The Icarus extortion group's attack on market intelligence platform Klue resulted in OAuth token theft that granted access to customers' Salesforce environments, with confirmed victims including cybersecurity firms Huntress and Recorded Future. The incident illustrates how third-party SaaS integrations create transitive trust relationships that can cascade breaches across an entire customer base.

Read full article → https://www.securityweek.com/cybersecurity-firms-i…

Relevance score: 80.0/100

# More from June 21

  1. 1
    CISA warns Fortinet users to secure devices after FortiBleed leak BleepingComputer
  2. 2
    FortiBleed: 86,000 Fortinet Device Credentials Compromised SecurityWeek
  3. 3
    15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown SecurityWeek
  4. 4
    Police raid malware network tied to Russia's Evil Corp hacker group The Record
  5. 5
    Microsoft links Mastra AI supply chain attack to North Korean hackers BleepingComputer
  6. 7
    Klue OAuth breach victim list grows as Icarus hackers claim attack BleepingComputer
  7. 8
    AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution The Hacker News
  8. 9
    Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys The Hacker News
  9. 10
    Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone The Hacker News